Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/Narzmj-Pyxv6Q8RnzT6S5CQjfAU.roa
File: Narzmj-Pyxv6Q8RnzT6S5CQjfAU.roa (raw, json)
Hash identifier: 3zLyIHqXOACAL4xOvRcS2YSdYwt6U6VyPmuq+mZz1dg=
Subject key identifier: 35:AA:F3:9A:3F:8F:CB:1B:FA:43:C4:67:CD:3E:92:E4:24:23:7C:05
Certificate issuer: /CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Certificate serial: 018CBF5A0A0C6DDE1558E1A9EFBC3D0C7BFE
Authority key identifier: FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/Narzmj-Pyxv6Q8RnzT6S5CQjfAU.roa
Signing time: Sun 31 Dec 2023 10:09:58 +0000
ROA not before: Sun 31 Dec 2023 10:09:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211970
IP address blocks: 212.126.113.0/24 maxlen: 24
2a04:2dc0:18::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bf:5a:0a:0c:6d:de:15:58:e1:a9:ef:bc:3d:0c:7b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faccbb72aa9884a5bf8d0e757404a17e5e23322c
Validity
Not Before: Dec 31 10:09:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35aaf39a3f8fcb1bfa43c467cd3e92e424237c05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d3:a2:ed:b0:84:1b:fb:42:c3:79:59:f8:cc:
bb:b8:1e:41:de:ac:17:9c:a5:04:6d:8e:d5:49:1b:
3b:3e:39:f8:cc:de:70:03:d0:fd:28:0b:2d:ba:1e:
05:b0:91:62:03:e3:b3:de:15:1c:95:7e:8f:f4:5e:
1b:d7:5e:90:75:c6:b0:21:a2:99:8f:2e:b1:36:51:
f3:cd:8b:42:5a:2a:0e:00:2a:7c:2c:5b:65:c1:20:
7d:22:7e:88:43:17:0d:c5:65:46:0d:cb:25:ea:cf:
fe:c7:85:19:cf:4d:14:bd:3d:04:f5:77:28:cc:5d:
db:67:d5:7d:03:04:78:ee:e8:58:d5:b6:49:43:1a:
bc:59:59:ae:bb:74:11:94:e4:ac:7f:4c:48:b6:80:
98:a9:58:c4:a9:6a:6d:4f:e6:26:04:d6:d7:06:e3:
23:97:0d:df:5a:94:6e:67:ba:2e:0d:4f:fa:43:37:
8a:b6:61:48:ef:85:19:6a:16:99:c6:7b:cd:06:a9:
ef:ba:8a:e1:45:ba:aa:99:89:d5:45:ff:c9:44:20:
1e:1b:32:71:67:38:6d:81:96:6e:0e:81:4a:5d:5f:
93:cd:32:5e:58:8d:f6:96:1a:0f:87:f4:c2:a3:29:
72:48:47:e3:a5:36:52:bd:79:97:92:d8:dd:a5:6b:
b6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:AA:F3:9A:3F:8F:CB:1B:FA:43:C4:67:CD:3E:92:E4:24:23:7C:05
X509v3 Authority Key Identifier:
keyid:FA:CC:BB:72:AA:98:84:A5:BF:8D:0E:75:74:04:A1:7E:5E:23:32:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sy7cqqYhKW_jQ51dAShfl4jMiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/Narzmj-Pyxv6Q8RnzT6S5CQjfAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/e8cb44-a954-4672-b9a4-a49e5c6633bd/1/1-sy7cqqYhKW_jQ51dAShfl4jMiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.126.113.0/24
IPv6:
2a04:2dc0:18::/48
Signature Algorithm: sha256WithRSAEncryption
52:be:8d:f3:a6:4b:4e:e4:8f:c6:28:2d:ef:9e:15:f6:a0:20:
58:d4:f4:34:0a:3a:34:d3:a1:c7:27:7a:e0:17:15:bf:1f:ff:
eb:55:09:55:2a:4b:ec:1f:08:cc:cb:a4:fa:c9:8a:e3:d7:35:
b3:22:a8:ff:4c:90:79:88:f4:cf:84:d0:83:d8:e5:62:f7:8c:
43:af:22:7d:37:f7:89:e7:bd:05:ad:8b:ad:e3:c0:19:92:f2:
37:b7:cb:5c:08:a8:ad:5f:a8:ca:1b:02:03:d2:99:b6:e7:b7:
02:42:91:c6:62:e1:2c:91:2a:ee:1f:50:21:54:19:75:a7:09:
60:2a:b8:b9:c5:e1:84:43:cb:a0:20:ce:58:bc:8b:0a:31:cf:
ff:75:cc:43:a4:cd:a8:c1:03:36:d2:53:12:db:79:6e:6f:53:
54:61:fb:02:61:81:90:b5:55:3a:b3:b5:91:0a:d6:cb:63:91:
ac:8c:ab:f7:5b:e0:0b:a9:cb:1a:47:72:0a:91:fd:f2:7e:68:
58:f0:c6:95:42:6b:32:e3:95:d8:db:b4:cd:da:6f:8f:76:56:
be:33:c6:f7:1e:2b:2c:19:82:53:10:f1:1c:17:3c:6d:d4:c0:
42:9a:89:7a:ba:85:62:e9:59:a3:f0:e5:94:de:96:f6:e2:b3:
88:c6:04:22
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYy/WgoMbd4VWOGp77w9DHv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2NiYjcyYWE5ODg0YTViZjhkMGU3NTc0MDRhMTdlNWUy
MzMyMmMwHhcNMjMxMjMxMTAwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWFhZjM5YTNmOGZjYjFiZmE0M2M0NjdjZDNlOTJlNDI0MjM3YzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9Oi7bCEG/tCw3lZ+My7uB5B3qwX
nKUEbY7VSRs7Pjn4zN5wA9D9KAstuh4FsJFiA+Oz3hUclX6P9F4b116QdcawIaKZ
jy6xNlHzzYtCWioOACp8LFtlwSB9In6IQxcNxWVGDcsl6s/+x4UZz00UvT0E9Xco
zF3bZ9V9AwR47uhY1bZJQxq8WVmuu3QRlOSsf0xItoCYqVjEqWptT+YmBNbXBuMj
lw3fWpRuZ7ouDU/6QzeKtmFI74UZahaZxnvNBqnvuorhRbqqmYnVRf/JRCAeGzJx
ZzhtgZZuDoFKXV+TzTJeWI32lhoPh/TCoylySEfjpTZSvXmXktjdpWu2LwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFDWq85o/j8sb+kPEZ80+kuQkI3wFMB8GA1UdIwQY
MBaAFPrMu3KqmISlv40OdXQEoX5eIzIsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zeTdjcXFZaEtXX2pRNTFkQVNoZmw0ak1pdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0
LWE0OWU1YzY2MzNiZC8xL05hcnptai1QeXh2NlE4Um56VDZTNUNRamZBVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTMvZThjYjQ0LWE5NTQtNDY3Mi1iOWE0LWE0OWU1YzY2MzNi
ZC8xLzEtc3k3Y3FxWWhLV19qUTUxZEFTaGZsNGpNaXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADUfnEw
DwQCAAIwCQMHACoELcAAGDANBgkqhkiG9w0BAQsFAAOCAQEAUr6N86ZLTuSPxigt
754V9qAgWNT0NAo6NNOhxyd64BcVvx//61UJVSpL7B8IzMuk+smK49c1syKo/0yQ
eYj0z4TQg9jlYveMQ68ifTf3iee9Ba2LrePAGZLyN7fLXAiorV+oyhsCA9KZtue3
AkKRxmLhLJEq7h9QIVQZdacJYCq4ucXhhEPLoCDOWLyLCjHP/3XMQ6TNqMEDNtJT
Ett5bm9TVGH7AmGBkLVVOrO1kQrWy2ORrIyr91vgC6nLGkdyCpH98n5oWPDGlUJr
MuOV2Nu0zdpvj3ZWvjPG9x4rLBmCUxDxHBc8bdTAQpqJerqFYulZo/DllN6W9uKz
iMYEIg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:41 2025 by rpki-client